Since this chip was designed way before Snowden happened, this instruction most probably has nothing to do with randomness.

04-04-2014, 09:27 AM

droidhacker

Is it fully 100% NSA compliant?

04-04-2014, 11:32 AM

Szzz

Quote:

the RDSEED instruction is supported with Broadwell hardware for seeding /dev/random.

There is no seed for /dev/random, as it intended to be 100% true random. Seeding is for pseudorandom number generators.

04-04-2014, 12:44 PM

erendorn

Quote:

Originally Posted by Szzz

There is no seed for /dev/random, as it intended to be 100% true random. Seeding is for pseudorandom number generators.

You can seed /dev/random. In a sense, it is actually seeded by environmental noises. Using a hardware generator can be used to get the required entropy faster, especially early after boot, even more so on predictably functioning machines.

04-04-2014, 01:45 PM

Ericg

Linus has already gone over this multiple times. /dev/random and /dev/urandom aren't seeded by a single source. They get used as one of many sources so even if one source is bad, the "bad' gets flushed out by the added entropy from other sources.

04-05-2014, 08:16 PM

Caledar

Quote:

Originally Posted by droidhacker

Is it fully 100% NSA compliant?

I should think so.

But how to tell...?

04-07-2014, 02:20 PM

strcat

Quote:

Originally Posted by Szzz

There is no seed for /dev/random, as it intended to be 100% true random. Seeding is for pseudorandom number generators.

/dev/random is also a pseudo-random number generator. It's not safe to use the unconditioned entropy because it has varying quality so it's not exposed.